IP Risk Score: 78 / 100

This IP is considered high risk and shows signs of malicious behavior. Strong indicators point to automated scanning or suspicious access attempts. This assessment is backed by strong and consistent detection signals. The combined indicators suggest a high overall security risk. Defensive measures such as rate limiting or blocking are recommended.

Block IPs like this in your system

What is this IP address?

IP Address: 31.58.9.129

Country: Germany flag

Germany (DE)

Region Name: Hesse (HE)

City: Frankfurt am Main

ISP: Leaseweb Deutschland GmbH

Threat level: 78 / 100
Conf. level: 100 / 100

Properties

ASN: AS28753

AS Name: Leaseweb Deutschland GmbH

Timezone: Europe/Berlin

Status: Critical

Hosting

Observed Client Profile

OS: macOS (100%)
Device Type: Desktop (100%)
Browser Family: Chrome (100%)
Rendering Engine: Gecko (100%)

Behavioral Indicators

The IP address exhibits suspicious behavior with no JavaScript support, indicating potential bot activity. It originates from a known hosting provider and has a user-agent that appears to be spoofed. The single access event raises concerns about possible reconnaissance or scraping attempts.

The supernet (31.58.0.0/16), which this IP belongs to, exhibits coordinated behavior with multiple IPs accessing the same site using similar user agents, suggesting the presence of automated scraping or bot activity. The high frequency of low-interaction, one-page visits, combined with the use of proxies and mismatched DNS records, raises concerns about potential misuse of legitimate infrastructure.

JavaScript Support

⚠️ No

User-Agent Samples

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36

Integrate IPIntel into your system

IP Location

Region: Hesse, Germany

City: Frankfurt am Main

Local time: 2026-06-26 00:23:45

Subnet
31.58.9.0/24
Supernet
31.58.0.0/16